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REMARKS 



Several editorial corrections have been made to the specification. Claims 1 - 5, 1 1 , 14 - 
18, 26, 28 - 32, 40, 42 - 46, 51 - 53, and 58 - 60 have been amended. Claims 65 - 69 have been 
added. No new matter has been introduced with these corrections, amendments, or added claims, 
which are supported in the specification as originally filed. Claims 1 - 69 are now in the 
application. 

Independent Claims 1 and 58 have been amended to specify that the conqsuter program 
product may be embodied on "one or more" corr^juter-readable media. This is discussed in the 
specification on (for example) p. 17, lines 9 - 10, referring to "server-specific and client-specific 
parts". 

Added Claims 65 - 66 correspond to the third aspect of the fourth embodiment, wWch is 
described on p. 48, line 3 ^ p. 49, line 7, Added Claims 67 - 69 correspond to tlie first and second 
aspects of the fourth embodiment. See, for example, the text on p. 46. lines 14 - 1 7 and p. 47, 
lines 12" 15. 

Thus, it can be seen that no new matter has been introduced. 
I' Rejection Un der 35 U.S.g.JSl 12, second paragraph 



Paragraph 3 of the Office Action dated December 3, 2003 (hereinafter, '*the Ofiice 
Action'O states that Claims 1, 14, 28, 42, 51, and 58 are rejected under 35 U.S.C, §112, second 
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paragraph as being indefimte for feiling to particularly point out and distinctly claim the subject 
matter which Applicants regard as their invention. In particular, use of the terms "low-overhead 
connection", "existing n«s3age type", "piggy-bftcking", and "computh^ environment" are 
considered problematic. Paragnqjh 3 abo states that Claims 2 - 13, 1 5 - 27, 29 - 41, 43 - 50, 52 - 
57, and 59 - 64 are rejected on the same basis. 

Applicants' disclosed invention is considered low-overhead in that it exchanges security 
data usmg a mmimal number of message Saws. (See, for ejcample, p. 20, lines 1 - 7 of 
Applicants' specification, where this is discussed in terms of one embodiment of Applicants' 
invention. See also p. 45, lines 15-18, where the flows used by an embodiment claimed in this 
application are initiaily presented.) In the interest of progressing quickly to fesuance, this "low- 
overhead" phrase has been deleted from the claims with the amendmems made herein. 



FAX PAGE 29 



Preferred embodiments of Applicants' disclosed invention use already-existing message 
types, such as HTTP GET requests and responses, as noted in Applicants' specification. See, for 
example, the third sentence of the Abstract. TTie text of paragraph 3 of the Office Action states 
that "the instant any message is createdy it becomes an 'existing' message type". AppHcants 
respectfully submit that the instant any message is created, it becomes "an existing message", 
where this existmg message may be a message fif (or adhering to) an existing message type. (That 
is, a message does not "become" a message type.) Ho,^er. in the interest of progressing 
quickly to issuance, Applicants accept the Examiner's suggestion and the tenn "existing message 
type" is amended herein to "pre-existing message type". 
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TKe text of paragraph 3 of the Office Action also states that it is not clear what is meant 
by "piggy-backing" information. This is discussed at many places in Applicants' specification. 
See, for example, p. 20, lines 3 - 6, where (by way of example) it is stated that the initial HTTP 
GET Tcquest can be used to transmit parameters securely (where this HTTP GET request also 
transmits the client's request for a particular Web page); when the server sends its response (as an 
HTTP GET response, in this case), that response can contain securely-transmitted content. In 
this exanq)le, the parameters (and potentially other security information ) are "piggy-backed" onto 
the GET request message, and faiformation that can be used when decrypting the secure content is 
piggy-backed onto the GET response message. The text on page 27, lines 13 - 16 discusses two 
ways in which the piggy-backing of the parameters may occur. In one approach, the parameters 
may be transmitted as separate request headers of the request message. In another approach, the 
parameters may be appended to the URL in the request message. Applicants respectfully submit 
that the claims, as presented herein, are not unclear regarding what Applicants intend. 

Paragraph 3 of the Office Action also states that it is not clear what is meant by 
"computing environment''. In the interest of progressing quickly to issuance, Applicants have 
removed this term from their claim language. 



In view of the above, the Examiner is respectfully requested to withdraw this rejection. 

^I- Requirement for Injformation Under 37 C RR. 61.105 

Paragraph 4 of the OflRce Action states that Applicants and the Assignee are required 
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under 37 C.F.R. § 1.105 to state whether any search of jprior art was perfonned, and to provide 
the citation for each prior art coHection search as well as citations of each piece of art "considered 
material to demonstrating the knowledge of a person having ordinaiy skill in the art to the 
disclosed invention of coupling or 'piggy-backing' ... client-server HTTP messages with key 
exchange and the exchange of security parameters" and each publication that iApplicants reKed 
upon to draft the ckimed subject matter. 

A search was conducted. The field of seareh inchided 380/21, 25, and 49. The databases 
searched are stated as WPAT, DOSS, TDBS, JAPIO, INSM, APS, USPM, and 
INTERNET. None of the patents or publications uncovered in that search were deemed material 
to the patentability of the various embodhnents of Ajjplicants' invention, and therefore an IDS 
was not submitted. 

The cited patents from the search report are as foDows: 

U. S, 532,922, "Data communication system", CL/SUB 380/45. 

U. S. 5,313,521, •■Key distrfljution protocol for j5te transfer in the local area 

networic", CI7SUB 380/21. 

U S. 5,557,678, "System and method for centralized session k^ distribution, 
privacy enhanced messaging and information distribution using a split private key 
public CTyptosystem", CL/SUB 380/21. 

U. S. 5,781,633, "Capability security for transparent distributed object systems", 
CL/SUB 380/25. 
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U. S. 5,825,890, *«ecure socket layer application program apparatus and method", 
CL/SUB 380/49. 

U, S. 5,850,442, "Secure world wide electronic comtnerce over an open network", 
CL/SUB 380/21. 

FR 2753027, *^ecurity device for data exchange network", CL/SUB 
HO4L009/30. 

The ched pubfications from the search report are as follows: 

IBM Technical Discbsure - *TxteiKling Secure Sockets Layer for Key Recover/*, 
Vol 41, No. 01, January, 1998, 

BM Technical Disclosure - '"Efficient Methods for Two Party Entity 
Authentication and Key Exchange in a High Speed Envjjtonment", Vol. 38, No. 3, 
March, 1995: 

IBM Technical Disclosure - 'Security for Rjouting Based on Link State 
AlgorithnM". VoL 39» No. 3, March, 1996. 

Neither AppHcants nor Applicants' attorney relied on any of the afbre-mentioncd patents 
or publications when drafting the application. Accordingly, Applicants believe that the 
requirements specified in the Office Action have been met by providing the citations, above. 
Copies of the three cited pubUcations are submitted herewith, for convenience of the Examhier. If 
other information is required, the Examiner is requested to notify Applicants^ attorney. 
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In drafting the appKcation, Applicants and AppUcants' attorney considered information i 
the comraonly-assigncd U. S. Patent appUcation 09/415,646, which is cited m this specification 



infomiation from that reference is discussed in the application as originally filed. 

In addition. Applicants and Applicants' attorney relied on information describing the then- 
current description of the HTTP and WSP GET, POST, and REDIRECT messages, as weU as the 
then-current description of the www-Authenticate header. Those references (which were not 
listed on the search report) were publicly available, and pertinent pages were obtained from the 
Internet; the citations of the actual references which were used are not presently known. 
However, it is believed that this information remains publicly available from the Internet, 

HI. Conclusion 

Applicants have addressed the rejections in the OflBce Action, and therefore the claims as 
presented herein are deemed patentable. Applicants respectfully request reconsideration of the 
pending rejected claims, withdrawal of all presently outstanding rejections, and allowance of aU 
claims at an early date. 



(and which is referred to therein as *the referenced patent application'*). The pertinent 



Respectfully submitted, 




Customer Nhn 25260 
Phone: 407-343-7586 
Fax: 407-343-7587 



Marcia L. Doubet, Attorney for Applicants 
Registration Nbr. 40,999 



Attachments: printed publications (3) 
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